ICD Brief 2.

ICD Brief 2.

25.07.2016. – 03.08.2016.

USA

“A presidential directive signed by President ObamaTuesday will put the FBI in charge of responding to all cyber threats and give the federal government a more active role in investigating, preventing and mitigating attempts to hack into U.S.-based computer networks.”

“The White House on Tuesday issued the U.S. government’s first emergency response manual for a major cyber attack, though some officials acknowledged it lacked clear guidance on possible retaliation against hacker adversaries.”

“The Wikileaks release of the DNC’s hacked emails is a source of outrage in the media, but we are missing the bigger picture. Cybersecurity is a serious threat to our national, corporate and personal well-being, and not just because some emails and voice mails were made public. What about all of the donors whose personal and financial information was included in that release? Sue Marquette Poremba’s opinion piece.”

“In 2015, 13.1 million Americans were victims of identity theft, according to an Identity Fraud Study by Javelin Strategy & Research. New account fraud increased by 113% in 2015.The article explores the different ways how one can make sure that one’s identity is insured.”

“Once again, hacking is front and center in the news, a reminder that businesses and individuals need to fear the long reach of cyber theft. Here is a 12-point checklist – six steps for businesses and six for individuals – to enhance cyber security. ”

“The list of critical data stored by government agencies is endless. From credit card data, passport numbers, drivers’ license numbers and tax information, government agencies are storing vast amounts of data that create the perfect treasure trove for hackers to exploit.How can one make sure that this will not happen?”

“Cybersecurity negotiations were a key part of U.S. National Security Adviser Susan Rice”s recent trip to Beijing in an effort to strengthen U.S.-China relations ahead of this year”s G20 Leaders’ Summit.”

“For cyberdefense firms, the new age of information warfare – and the ensuing climate of fear – has led to a flood of cash. Analysts at research firm Gartner says the security-software market climbed to $22 billion last year, with sales growing by $1 billion for three straight years.”

“The government should pay the same care to our safety in pursuing threats online, but right now we don’t have clear, enforceable rules for government activities like hacking and “digital sabotage.” And this is no abstract question—these actions increasingly endanger everyone’s security.”

Israel

“SafeBreach, a cybersecurity startup founded in Israel, that simulates hacks on companies’ systems to help them identify holes, has closed a $15 million series A round from existing investors Sequoia Capital and Shlomo Kramer, with participation from new entrants Deutsche Telekom Capital Partners, Hewlett Packard Pathfinder, and Maverick Ventures.”

“The Ministry of National Infrastructure, Energy, and Water Resources wants to establish a cyber laboratory and has published a request for information (RFI) on the subject. The new laboratory will act as a testing and simulation environment for industrial operations technologies, and can be used to examine the effectiveness of various protection systems.”

“Israeli authorities who have faced a wave of lone-wolf attacks by Palestinian Arabs say they have made progress in identifying potential assailants in advance, a challenge now also confronting Western nations. The article explores the “Israeli method” to stop such attacks. “

“Laws in the pipeline to govern cyber defense will not protect Israel’s democratic process from foreign hackers, in a case similar to the hack of the Democratic National Committee’s emails, apparently by Russia, members of the Knesset Foreign Affairs and Defense Subcommittee on Cyber Security said Monday.”

“Wary of a global confrontation with Russia, U.S. President Barack Obama must carefully weigh how to respond to what security experts believe was Moscow’s involvement in the hacking of Democratic Party organizations, U.S. officials said.”

UK

“Cyber Security jobs continue to rise at a fast rate in the UK, according to new research. As of June 2016, the number of jobs in cyber security has risen significantly by over 90 per cent since the same point in the previous year, positioning it as one of the UK’s most sought-after IT skills.”

“This note addresses the potential impact of Brexit on data privacy and cybersecurity legislation in the UK. It is one of a series of GTM Alerts designed to assist businesses in identifying the legal issues to consider and address in response to the UK”s referendum vote of 23 June 2016 to withdraw from the European Union.”

“UK information security firm Digital Shadows has discovered a service for setting up online shops that are perfectly suited for cyber criminals. This means there is effectively no barrier to setting up a cybercriminal business because all the necessary infrastructure and customer support is provided, eliminating the need for technical skills.”

“Symantec has warned that China-themed cyber espionage group Patchwork has expanded and is now targeting UK-based companies. A report by the firm said that it has seen the group, also sometimes colourfully dubbed Dropping Elephant, using Chinese-themed content to lure victims to infected websites in the hope of installing malware on their devices.”

“DNV GL’s centre of excellence for smart energy and cyber security testing expertise has achieved UKAS accreditation and CESG recognition. After several months of intense assessment, the newly-opened Technical Assurance Laboratory (DTAL) based in Peterborough has been accredited and recognised to offer Common Criteria and Commercial Product Assurance testing.”

“Despite the constant warnings experts keep giving out to businesses concerning cyber-security, UK’s firms won’t be prioritising it in the next 12 months. This is according to a new quarterly survey by Close Brothers. Its key takeaway is that 63 per cent of companies decided not to invest in better security, while the other 37 percent decided to do so.”

Netherlands

“The public and private sector are now joining forces to stop ransomware as part of an international initiative to combat cybercrime. Groups participating in the project include Intel Security, Kaspersky Lab, the Dutch National Police, and Europol. “

China

“There is a mantra among cybersecurity experts is that there’s only two types of companies: those that have been hacked by China, and those that don’t know they’ve been hacked yet. How did they China achieve this?”

“The cyber-attacks on Vietnam’s two major airports have affected more than 100 flights, dozens of which were delayed for up to one hour, the country’s aviation authorities said. The hackers, allegedly from China, took control of the flight information screens and displayed distorted information about the East Sea (South China Sea) and insulted Vietnam and the Philippines, according to authorities.”

“The Cabinet announced the formation of a new government agency dedicated to information security on Monday. The establishment of the Department of Cyber Security (資通安全處) will increase existing information security resources and will allow inter-ministerial coordination, said Cabinet spokesman Tung Chen-yuan (童振源).”

Russia

“The well-timed leak of e-mails from the Democratic National Committee, following a long-running breach of the DNC”s network, is a masterful piece of information warfare. The leak may only be the beginning of an effort to shape the US presidential election, or it may be a backup plan triggered by the exposure of the long-running breach. But the hacking of the DNC and the direct targeting of Hillary Clinton are only parts of a much larger operation by Russia-based hackers who have breached a number of US government networks.”

“We have to accept that someone is attacking our nation’s computer systems in an apparent attempt to influence a presidential election. This kind of cyber attack targets the very core of our democratic process. And it points to the possibility of an even worse problem in November — that our election systems and our voting machines could be vulnerable to a similar attack.”

“The Kremlin has sharply denied the claims of U.S. officials and security experts that Moscow may have been involved in the hacking of Democratic National Committee emails, and said Thursday that it was “absurd” that Russia had infiltrated Hillary Clinton’s private server.”

“Russia”s intelligence service said on Saturday that the computer networks of 20 organizations, including state agencies and defense companies, have been infected with spyware in what it described as a targeted and coordinated attack.”

“The Kremlin says it had zero involvement in the hacking of Democratic Party emails while U.S. officials say the hack originated in Russia. We may never know who is right, but one thing is for sure – Russia had motive, capability, and form.”

EU

“Data protection officials from European Union member states do not believe the European Commission’s “adequacy determination” issued in adopting the Privacy Shield framework for transatlantic data transfers resolves their original concerns, despite last-minute revisions by the U.S. Commerce Department and EU commission prior to its adoption. The member state data protection officials – under the auspices of the Article 29 Working Party – laid out their five remaining critiques of the final adequacy determination in a July 26 press release.”